--- apiVersion: v1 kind: ConfigMap metadata: name: xray-config-template data: config.json.template: | { "log": { "loglevel": "warning" }, "api": { "tag": "api", "listen": "TAILSCALE_IP:10086", "services": [ "HandlerService", "StatsService", "LoggerService", "RoutingService", "ReflectionService" ] }, "stats": {}, "policy": { "system": { "statsInboundDownlink": true, "statsInboundUplink": true, "statsOutboundDownlink": true, "statsOutboundUplink": true } }, "inbounds": [], "outbounds": [ { "tag": "direct", "protocol": "freedom", "settings": {} } ], "routing": { "rules": [] } } --- apiVersion: v1 kind: ConfigMap metadata: name: xray-init-script data: init.sh: | #!/bin/sh set -e echo "Starting Xray configuration setup..." # Find xray binary location XRAY_BIN="" for path in /usr/bin/xray /usr/local/bin/xray /bin/xray /opt/xray/xray; do if [ -x "$path" ]; then XRAY_BIN="$path" echo "Found Xray binary at: $XRAY_BIN" break fi done if [ -z "$XRAY_BIN" ]; then echo "Error: Xray binary not found" echo "Available files in common locations:" ls -la /usr/bin/xray* 2>/dev/null || echo "No xray in /usr/bin/" ls -la /usr/local/bin/xray* 2>/dev/null || echo "No xray in /usr/local/bin/" ls -la /bin/xray* 2>/dev/null || echo "No xray in /bin/" exit 1 fi # Get Tailscale IP address TAILSCALE_IP="" # Try different ways to get Tailscale IP if command -v ip >/dev/null 2>&1; then TAILSCALE_IP=$(ip addr show tailscale0 2>/dev/null | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1 | head -n1) fi # Fallback: try to find any interface with 100.x.x.x IP (typical Tailscale range) if [ -z "$TAILSCALE_IP" ]; then TAILSCALE_IP=$(ip route get 8.8.8.8 2>/dev/null | grep -o 'src [0-9\.]*' | grep '100\.' | awk '{print $2}' | head -n1) fi # Another fallback: check all interfaces for 100.x.x.x if [ -z "$TAILSCALE_IP" ]; then TAILSCALE_IP=$(ip addr show 2>/dev/null | grep -o 'inet 100\.[0-9\.]*' | awk '{print $2}' | head -n1) fi # Final fallback: use localhost if no Tailscale IP found if [ -z "$TAILSCALE_IP" ]; then echo "Warning: Could not find Tailscale IP, using 127.0.0.1" TAILSCALE_IP="127.0.0.1" else echo "Found Tailscale IP: $TAILSCALE_IP" fi # Create config directory mkdir -p /usr/local/etc/xray # Replace TAILSCALE_IP placeholder in config template sed "s/TAILSCALE_IP/$TAILSCALE_IP/g" /config-template/config.json.template > /usr/local/etc/xray/config.json echo "Generated Xray config:" cat /usr/local/etc/xray/config.json # Increase file descriptor limits ulimit -n 65536 2>/dev/null || echo "Warning: Could not increase file descriptor limit" echo "Starting Xray with binary: $XRAY_BIN" exec "$XRAY_BIN" run -c /usr/local/etc/xray/config.json --- apiVersion: apps/v1 kind: DaemonSet metadata: name: xray-daemon labels: app: xray spec: selector: matchLabels: app: xray template: metadata: labels: app: xray spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet nodeSelector: xray: "true" tolerations: - operator: Exists effect: NoSchedule containers: - name: xray image: teddysun/xray:latest command: ["/bin/sh"] args: ["/scripts/init.sh"] securityContext: privileged: true capabilities: add: - NET_ADMIN - NET_RAW volumeMounts: - name: config-template mountPath: /config-template readOnly: true - name: init-script mountPath: /scripts readOnly: true - name: xray-config mountPath: /usr/local/etc/xray ports: - containerPort: 10086 protocol: TCP name: api livenessProbe: tcpSocket: port: 10086 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: tcpSocket: port: 10086 initialDelaySeconds: 5 periodSeconds: 5 resources: limits: memory: "512Mi" cpu: "500m" requests: memory: "256Mi" cpu: "250m" volumes: - name: config-template configMap: name: xray-config-template defaultMode: 0644 - name: init-script configMap: name: xray-init-script defaultMode: 0755 - name: xray-config emptyDir: {} restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: xray-api-service labels: app: xray spec: type: ClusterIP ports: - port: 10086 targetPort: 10086 protocol: TCP name: api selector: app: xray